Posts Tagged ‘vps’

Virtualisation technology is playing a vital roles in web hosting business. It has erased all the limits of hosting & it is making web hosting business more cost-effective. Virtualisation techniques & softwares allows users to use the hardware more efficiently. This reduces the cost engaged in aquiring hardware assets as multiple ‘VPS’ or ‘virtual machines’ runs on same hardware node. On a good hardware node you can host number of virtual machines.

Virtualisation solution is the smart way to scale your resources. The biggest advantage with virtualisation is that you get more out of the servers & you only pay for the resources that you are using at any given time.

In virtualisation virtual machines can be moved around the network or physical hosts without any manual work. This make it cost-effective & reduces downtime also.

We can consider SHARED HOSTING is like living in an apartment building and sharing your neighbours’ problems. You hear their music through the wall. If one of them leaves the main door open, your security is at risk.

On a shared server, all the website hostings share the operating system and resources. Problems with your neighbours’ website hostings can slow down the server performance or require it to be shut down while the problem is being fixed. The slowdowns may also resulted from having too many website hostings on a server. Your site’s security depends in part on decisions made by your web host and, perhaps, your neighbours too.

Depending on your neighbours and, to a larger extent, your web host, you may have few or no problems with a shared hosting account. By sharing the resources, the cost is more economical than a VPS Hosting. Furthermore, for a basic website hosting, you require little or no technical knowledge to maintain your website hosting.

The majority of website hostings are on shared servers.

Where VPS Hosting HOSTING is more like living in a townhouse with your own private yard, and without ever hearing your neighbours. The only common area you share is the parking area and entrance; all traffic goes through one network port. In contrast to apartments or shared hosting accounts, you pay more for a VPS Hosting, but you can do what you want with the space, and your neighbors’ problems aren’t your problems.

VPS Hosting gives you the features and functionality of a dedicated server without the cost of building and maintaining one. If you need to host unlimited domains, have complete control of your environment and run your own applications, then you will benefit from having a VPS Hosting. In addition, a VPS Hosting provides the ability to manage your dedicated environment directly through SSH or Remote Desktop Connection. In addition, you can add a control panel like cPanel to our Linux VPS Hosting Plus plan. The control panel enables the administrative user to perform actions to their VPS Hosting immediately, without having to contact support to have a technician to complete any necessary requests.

You probably know what TCP/IP is; any computer using TCP/IP will have a unique IP address by which data in the form of packets is sent and received from other computers. The process of passing data packets from one computer to another by analyzing the ”routing tables” to reach the destination is known as routing. A routing table is a database of defined rules that determines the best path for data packets as they go towards their destination IP address. The process of routing is performed by a device called a router. But IP addresses used for internal or private networks are not registered; they are referred to as local IP addresses. These addresses are used for data transmission within the LAN, and are not visible on the Internet. For data transmission from the internal network to the Internet, the local IP is registered as a global IP address by Network Access Translation (NAT). NAT provides security by hiding internal IP addresses, enables the use of more IP addresses without the possibility of IP conflicts, and multiple ISDN (Integrated Services Digital Network) connections appear as a single Internet connection. This provides a first line of defense, but because NAT only translates IP addresses, a firewall is usually used in conjunction with a NAT router for security against incoming data packets from the Internet. The firewall could be software or hardware.

In Some Detail: NAT

NAT is a standard that enables use of separate sets of IP addresses for internal and external traffic. The translation of local IP addresses to a global IP is done on a one-to-one (one internal address to one global address) or many to many-to-one (a group of internal address to one global address) basis while connecting to the Internet. NAT can be used by a computer, a router, or a firewall. NAT has several forms, such as static, dynamic, overloading, and overlapping. Static NAT translates any unregistered local IP on a one-to-one basis to a registered global IP address. The Internet Assigned Numbers Authority (IANA) has reserved three blocks of the IP address space for private networks:

Any enterprise can use such IP addresses, and these will be unique within that enterprise. When the enterprise needs to connect to the Net, it needs to get a unique global / public IP address from the Internet registry. That public IP address will never be assigned from the three blocks for private networks. As an example, 192.168.21.14 will be translated as 212.15.48.105 and used for external traffic. Dynamic NAT translates any local unregistered IP address to a registered global IP address from a group or range of global IP addresses. For example, 192.168.21.14 will be translated to any of the global IP addresses ranging from 212.15.148.105 to 212.15.148.120. In the case of overloading, each IP address on the private network is translated to a registered IP address, but with a different port number. The internal IP might be in use by any other network. In some cases, the internal IP range might be a registered range in use by another network. Here, the NAT translates addresses to avoid potential conflicts. This is called overlapping. It can be done by using static NAT or by using DNS and dynamic NAT. Firewalls are intrusion protection systems to prevent packets from unsecured, unknown, or unauthorized locations coming in. Firewalls can be software or hardware. Software firewalls are installed inside the System OR Dedicated Server OR VPS (Virtual Private Server). Some good examples of Software Firewall which are widely used are IPtables, CSF etc. (For Linux Servers) and Windows default Firewall, Deerfield, Comodo etc. (For Windows Servers).NAT routers offer packet-filtering firewalls (hardware). These examine the source IP address and port, as well as the destination IP address and port, to determine whether the packet is to be accepted or dropped.

Hardware Firewalls

On a hardware firewall, user created or predefined rules about data packets to be blocked from specific TCP/IP ports are configured. The firewall uses a technique of packet filtering by which it examines the header of incoming packets to determine their source and destination. It is then determined whether to take in or exclude the packet. With hardware firewalls, only incoming traffic is restricted, and not outgoing traffic. So a malicious program such as a key logger, which has already entered the local network and is concealed as safe program, can send information to its destination. Also, at times, routing through the router is blocked, and peer-to-peer activity on the network is not possible if the private network uses a NAT-enabled router.

There is debate on whether NAT will be necessary, whether it will provide better security, etc. when IPv6 is implemented.

Here is the top 10 tips and tricks to help optimize your Windows VPS server running on Virtuozzo.

1. Disable Indexing Service.
Unless you’re using the FrontPage search bot you generally don’t need indexing service running and you should disable it.

2. Defrag your drives.
Disk I/O is king, especially in a VPS and you should be regularly defragging your drives in your VPS just as you would in a physical server.

3. Don’t run antivirus in the VPS.
Antivirus should always be run from the host node and on our servers it is. We use either AVG or McAfee on our hardware nodes. This doesn’t mean you have to accept virus infected emails. Configure your mail client to allow a suitable delay in email delivery (I recommend 60 seconds if you can, otherwise 30 should be sufficient) and the hostnode antivirus will take care of the rest.

Smartermail installs clamd these days and we recommend you disable it and not use it. It’s proven to be quite the resource hog.

4. Don’t run spamassassin.
Disable spamassassin checks in your VPS Hosting when running Smartermail. If you absolutely have to have spamassassin running with your VPS Hosting you should run spamassassin on a Linux dedicated server or VPS Hosting and remotely connect to it in smartermail, this works great and allows you to make use of threading.

5. Enable Windows Firewall and secure your VPS Hosting.
This is a must. Although the kernel is protected in your VPS Hosting, you’re still responsible for security in your virtual private server. Enable Windows Firewall and configure it.

While on the topic of security you do not have to install OS updates, these are managed at the host-level. However you do need to remain aware of new updates and install them for any other server software you may have installed on your windows VPS Hosting server such as SQLexpress updates, Smartermail updates, etc. If you’re using Plesk you can request support to update Plesk for you as it’s installed through an application template. Verify things like open-relay mail servers are not enabled, anonymous FTP uploads are disabled, etc.

6. Whenever possible use an application template.
Application templates save memory and diskspace on your VPS Hosting. An example of this is the OS install on your VPS Hosting. With just Windows your VPS Hosting uses about 150MB of diskspace, yet a full install of the OS uses about 4GB of diskspace. In fact an install of Windows Server 2003 on almost every other virtualization platform will use 4GB of diskspace. This is a huge savings.

7. Close your Terminal Services sessions and logout, do not just disconnect.
Each active Terminal Services session uses about 20MB of memory. When you consider each VPS Hosting has generally 2 TS sessions (3 if you include the fact you’re able to TS into the console by using the command mstsc /console /v:YOUR_SERVERNAME ) and figure about 30 active VPS Hostings on a machine that adds up to close to 2GB of memory that would be wasted memory on a server.

8. Some applications when installing may require you to connect to console port.
One such application is Windows Sharepoint Services 3.0. To connect to the console port use the command from dos: mstsc /console /v:YOUR_SERVERNAME where YOUR_SERVERNAME is your VPS Hosting host name.

9. Don’t forget that you can manage your VPS Hosting through the Virtuozzo Power Panels,
This includes tasks such as stop, start, reboot, backup, restore and even mount the filesystem without turning on the VPS Hosting. To access the management port go to: https://YOUR_SERVERNAME:4643/ where YOUR_SERVERNAME is your VPS Hosting host name. Remember when connecting to a port you have to explicitly type http://YOUR_SERVERNAME:PORT/ and not just type YOUR_SERVERNAME:PORT.

There is a bug in the virtuozzo power panels that it may throw errors and say contact your web hosting provider. If you get these errors the first thing you should do is go to preferences and set the timezone to your local time zone and not leave it to server default. This generally fixes that error and a bugfix is due out shortly from SWsoft to fix this known issue.

10. Configure your SQL Server services or better yet use shared SQL.
These days any web application is going to require a SQL Server database be it MSSQL or MySQL. Our recommendation is use a shared SQL Server database on a shared database server. Today SQL Server hosting is pretty cheap and networks like ours use a dedicated gigabit network for internal traffic so any latency connecting to the SQL Server would be offset quickly by the amount of memory and Disk I/O you’d save by not running SQL Server on your VPS Hosting. If you must run SQL Server on your VPS Hosting though then make sure you set a memory cap on the SQL Server service or you’ll find before long it’s using all your memory on your VPS Hosting and your applications will be starving for memory.

VPS Hosting’s have two types of resources they need to manage the most, that’s memory and disk I/O. Everything you can do to minimize or optimize your usage of these two resources will improve your VPS Hosting performance. We would love to hear from anyone else that has any recommendations on how to improve the performance/security of a VPS Hosting/VE running on Virtuozzo for Windows.